Vigil@nce: ClamAV, memory corruption via Petite
July 2008 by Vigil@nce
SYNTHESIS
An attacker can create a malicious Petite file in order to create
a denial of service or to execute code in ClamAV.
Gravity: 2/4
Consequences: denial of service
Provenance: document
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 08/07/2008
Identifier: VIGILANCE-VUL-7932
IMPACTED PRODUCTS
– Clam AntiVirus [confidential versions]
DESCRIPTION
The Petite program compresses Win32 executables.
The libclamav/petite.c file of ClamAV implements the Petite
format. The petite_inflate2x_1to9() function does not correctly
check section addresses when data is uncompressed, which corrupts
the memory.
This vulnerability is different from VIGILANCE-VUL-7898
(https://vigilance.aql.fr/tree/1/7898).
An attacker can therefore create a malicious Petite file in order
to create a denial of service or to execute code in ClamAV.
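The kind of section address check an unpacker needs before writing uncompressed data, as an added example: this is not ClamAV's code or its fix, and the advisory does not say how the check in petite.c was wrong. The structure, the function names and the sample values are hypothetical; the wrapping 32-bit sum is shown only as one common way such a check goes wrong.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical descriptor: where a section's unpacked bytes should land. */
struct section {
    uint32_t rva;  /* destination offset inside the unpack buffer */
    uint32_t size; /* number of bytes to write there */
};

/* Flawed check: the 32-bit sum can wrap, so a huge rva looks in range. */
static int naive_range_ok(size_t buf_size, uint32_t off, uint32_t len)
{
    return (uint32_t)(off + len) <= buf_size;
}

/* Overflow-safe check: is [off, off+len) entirely inside [0, buf_size)? */
static int range_in_buffer(size_t buf_size, uint32_t off, uint32_t len)
{
    if (len == 0 || off > buf_size)
        return 0;
    return len <= buf_size - off; /* subtraction cannot wrap here */
}

/* Copy into the section only if it fits; 0 on success, -1 if rejected. */
static int copy_section_checked(uint8_t *buf, size_t buf_size,
                                const struct section *s,
                                const uint8_t *src, size_t src_len)
{
    if (!range_in_buffer(buf_size, s->rva, s->size) || src_len < s->size)
        return -1;
    memcpy(buf + s->rva, src, s->size);
    return 0;
}

int main(void)
{
    uint8_t buf[64] = {0};
    const uint8_t data[32] = {0};
    struct section bad = {0xFFFFFFF0u, 0x20u}; /* constructed values */
    struct section good = {16, 32};

    printf("naive accepts bad: %d\n", naive_range_ok(sizeof buf, bad.rva, bad.size));
    printf("checked copy bad:  %d\n", copy_section_checked(buf, sizeof buf, &bad, data, sizeof data));
    printf("checked copy good: %d\n", copy_section_checked(buf, sizeof buf, &good, data, sizeof data));
    return 0;
}
```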
CHARACTERISTICS
Identifiers: ERR-2008-2713, VIGILANCE-VUL-7932